Login

WARNING!

This warning banner provides privacy and security notices consistent with applicable federal laws, directives, and other federal guidance for accessing this Government system, which includes all devices/storage media attached to this system. This system is provided for Government-authorized use only. Unauthorized or improper use of this system is prohibited and may result in disciplinary action and/or civil and criminal penalties. At any time, and for any lawful Government purpose, the government may monitor, record, and audit your system usage and/or intercept, search and seize any communication or data transiting or stored on this system. Therefore, you have no reasonable expectation of privacy. Any communication or data transiting or stored on this system may be disclosed or used for any lawful Government purpose.

Introduction

As passed by the United States Congress, the Health Insurance Portability and Accountability Act of 1996 (HIPAA) will institute administrative reforms that will be phased in over the period 2000-2003. Of major importance in the HIPAA legislation is the issue of data and transaction standardization-a mandate very few healthcare providers can sidestep if they bill third parties for services provided to patients. The law also changes the way health care providers have to protect the privacy of a patient's health information and contains security procedures that must be followed to protect the integrity of a patient's health information.

HIPAA Background

The Health Insurance Portability and Accountability Act (HIPAA) is also known as the Kennedy-Kassebaum bill. It was first proposed with the simple objective to assure health insurance coverage after leaving a job. Congress added an Administrative Simplification section to the bill (see the Department of Health and Human Services Administrative Simplification Web site for more information).

The goal of the Administrative Simplification section of the bill was to save money. It was requested and supported by the health care industry because it standardized electronic transactions and required standard record formats, code sets, and identifiers.

The impact of Electronic Standardization, however, was that it increased risk to security and privacy of individually identifiable health information. After Congress did not provide legislation defining the privacy and security requirements of HIPAA, the Department of Health and Human Services (DHHS) was required to provide them.